A vulnerability in ClamAV was discovered that could allow remote
attackers to cause a denial of service via a crafted RTF file or a
crafted HTML document with a data: URI, both of which trigger a NULL
dereference (CVE-2007-4510).

A vulnerability in clamav-milter, when run in black hole mode,
could allow remote attackers to execute arbitrary commands via shell
metacharacters that are used in a certain popen call (CVE-2007-4560).

Other bugs have also been corrected in 0.91.2 which is being provided
with this update.
_______________________________________________________________________